ATGs are used in multiple critical sectors of industry, and many are still unsecured.

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. The campaign was ...

Administrators of the Drupal open source content management platform are rushing to install an emergency patch issued today to fix a “highly critical” SQL injection vulnerability in the application’s ...

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

CISA added CVE-2026-42271, a high-severity LiteLLM command injection flaw, to its KEV catalog after evidence of active ...

University of Toronto researchers demonstrate how open-weight local LLMs can be used to autonomously exploit flaws and ...

A flaw in Meta's AI-powered Instagram recovery tool allowed attackers to hijack accounts by redirecting password reset links, bypassing traditional security measures. Meta quickly patched the ...

Most organizations find out about security gaps the hard way. By the time a vulnerability surfaces, attackers have already ...

Critical infrastructure organizations should move to harden their Automatic Tank Gauge (ATG) systems to defend against ...

SAP has released fixes for 15 vulnerabilities as part of its June 2026 Security Patch package, including four ...